Amazon cover image
Image from Amazon.com

Security with Go : Explore the power of Golang to secure host, web, and cloud services.

By: Material type: TextTextPublication details: Birmingham : Packt Publishing, 2018.Description: 1 online resource (334 pages)Content type:
  • text
Media type:
  • computer
Carrier type:
  • online resource
ISBN:
  • 9781788622257
  • 1788622251
  • 1788627911
  • 9781788627917
Subject(s): Additional physical formats: Print version:: Security with Go : Explore the power of Golang to secure host, web, and cloud services.DDC classification:
  • 004.6782 23
LOC classification:
  • QA76.585 .L466 2018eb
Online resources:
Contents:
Cover -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Introduction to Security with Go -- About Go -- Go language design -- The History of Go -- Adoption and community -- Common criticisms about Go -- The Go toolchain -- Go mascot -- Learning Go -- Why use Go? -- Why use Go for security? -- Why not use Python? -- Why not use Java? -- Why not use C++? -- Development environment -- Installing Go on other platforms -- Other Linux distributions -- Windows -- Mac -- Setting up Go -- Creating your workspace -- Setting up environment variables -- Editors -- Creating your first package -- Writing your first program -- Running the executable file -- Building the executable file -- Installing the executable file -- Formatting with go fmt -- Running Go examples -- Building a single Go file -- Running a single Go file -- Building multiple Go files -- Building a folder (package) -- Installing a program for use -- Summary -- Chapter 2: The Go Programming Language -- Go language specification -- The Go playground -- A tour of Go -- Keywords -- Notes about source code -- Comments -- Types -- Boolean -- Numeric -- Generic numbers -- Specific numbers -- Unsigned integers -- Signed integers -- Floating point numbers -- Other numeric types -- String -- Array -- Slice -- Struct -- Pointer -- Function -- Interface -- Map -- Channel -- Control structures -- if -- for -- range -- switch, case, fallthrough, and default -- goto -- Defer -- Packages -- Classes -- Inheritance -- Polymorphism -- Constructors -- Methods -- Operator overloading -- Goroutines -- Getting help and documentation -- Online Go documentation -- Offline Go documentation -- Summary -- Chapter 3: Working with Files -- File basics -- Creating an empty file -- Truncating a file -- Getting the file info -- Renaming a file -- Deleting a file.
Opening and closing files -- Checking whether a file exists -- Checking read and write permissions -- Changing permissions, ownership, and timestamps -- Hard links and symlinks -- Reading and writing -- Copying a file -- Seeking positions in a file -- Writing bytes to a file -- Quickly writing to a file -- Buffered writer -- Reading up to n bytes from a file -- Reading exactly n bytes -- Reading at least n bytes -- Reading all bytes of a file -- Quickly reading whole files to memory -- Buffered reader -- Reading with a scanner -- Archives -- Archive (ZIP) files -- Extracting (unzip) archived files -- Compression -- Compressing a file -- Uncompressing a File -- Creating temporary files and directories -- Downloading a file over HTTP -- Summary -- Chapter 4: Forensics -- Files -- Getting file information -- Finding the largest files -- Finding recently modified files -- Reading the boot sector -- Steganography -- Generating an image with random noise -- Creating a ZIP archive -- Creating a steganographic image archive -- Detecting a ZIP archive in a JPEG image -- Network -- Looking up a hostname from an IP address -- Looking up IP addresses from a hostname -- Looking up MX records -- Looking up nameservers for a hostname -- Summary -- Chapter 5: Packet Capturing and Injection -- Prerequisites -- Installing libpcap and Git -- Installing libpcap on Ubuntu -- Installing libpcap on Windows -- Installing libpcap on macOS -- Installing gopacket -- Permission problems -- Getting a list of network devices -- Capturing packets -- Capturing with filters -- Saving to the pcap file -- Reading from a pcap file -- Decoding packet layers -- Creating a custom layer -- Converting bytes to and from packets -- Creating and sending packets -- Decoding packets faster -- Summary -- Chapter 6: Cryptography -- Hashing -- Hashing small files -- Hashing large files.
Storing passwords securely -- Encryption -- Cryptographically secure pseudo-random number generator (CSPRNG) -- Symmetric encryption -- AES -- Asymmetric encryption -- Generating a public and private key pair -- Digitally signing a message -- Verifying a signature -- TLS -- Generating a self-signed certificate -- Creating a certificate signing request -- Signing a certificate request -- TLS server -- TLS client -- Other encryption packages -- OpenPGP -- Off The Record (OTR) messaging -- Summary -- Chapter 7: Secure Shell (SSH) -- Using the Go SSH client -- Authentication methods -- Authenticating with a password -- Authenticating with private key -- Verifying remote host -- Executing a command over SSH -- Starting an interactive shell -- Summary -- Chapter 8: Brute Force -- Brute forcing HTTP basic authentication -- Brute forcing the HTML login form -- Brute forcing SSH -- Brute forcing database login -- Summary -- Chapter 9: Web Applications -- HTTP server -- Simple HTTP servers -- HTTP basic auth -- Using HTTPS -- Creating secure cookies -- HTML escaping output -- Middleware with Negroni -- Logging requests -- Adding secure HTTP headers -- Serving static files -- Other best practices -- CSRF tokens -- Preventing user enumeration and abuse -- Registration -- Login -- Resetting the password -- User profiles -- Preventing LFI and RFI abuse -- Contaminated files -- HTTP client -- The basic HTTP request -- Using the client SSL certificate -- Using a proxy -- Using system proxy -- Using a specific HTTP proxy -- Using a SOCKS5 proxy (Tor) -- Summary -- Chapter 10: Web Scraping -- Web scraping fundamentals -- Finding strings in HTTP responses with the strings package -- Using regular expressions to find email addresses in a page -- Extracting HTTP headers from an HTTP response -- Setting cookies with an HTTP client -- Finding HTML comments in a web page.
Finding unlisted files on a web server -- Changing the user agent of a request -- Fingerprinting web application technology stacks -- Fingerprinting based on HTTP response headers -- Fingerprinting web applications -- How to prevent fingerprinting of your applications -- Using the goquery package for web scraping -- Listing all hyperlinks in a page -- Finding documents in a web page -- Listing page title and headings -- Crawling pages on the site that store the most common words -- Printing a list of external JavaScript files in a page -- Depth-first crawling -- Breadth-first crawling -- How to protect against web scraping -- Summary -- Chapter 11: Host Discovery and Enumeration -- TCP and UDP sockets -- Creating a server -- Creating a client -- Port scanning -- Grabbing a banner from a service -- Creating a TCP proxy -- Finding named hosts on a network -- Fuzzing a network service -- Summary -- Chapter 12: Social Engineering -- Gathering intel via JSON REST API -- Sending phishing emails with SMTP -- Generating QR codes -- Base64 encoding data -- Honeypots -- TCP honeypot -- The TCP testing tool -- HTTP POST form login honeypot -- HTTP form field honeypots -- Sandboxing -- Summary -- Chapter 13: Post Exploitation -- Cross compiling -- Creating bind shells -- Creating reverse bind shells -- Creating web shells -- Finding writable files -- Changing file timestamp -- Changing file permissions -- Changing file ownership -- Summary -- Chapter 14: Conclusions -- Recapping the topics you have learned -- More thoughts on the usage of Go -- What I hope you take away from the book -- Be aware of legal, ethical, and technical boundaries -- Where to go from here -- Getting help and learning more -- Another Book You May Enjoy -- Leave a review -- let other readers know what you think -- Index.
Summary: Since Go has become enormously popular, Go's obvious advantages, like stability, speed and simplicity, make it a first class choice to develop security-oriented scripts and applications. Security with Go is a classical title for security developers, with its emphasis on Go. Based on John Leon's first mover experience, He starts out basic ...
Holdings
Item type Current library Collection Call number Status Date due Barcode Item holds
eBook eBook e-Library EBSCO Computers Available
Total holds: 0

Print version record.

Since Go has become enormously popular, Go's obvious advantages, like stability, speed and simplicity, make it a first class choice to develop security-oriented scripts and applications. Security with Go is a classical title for security developers, with its emphasis on Go. Based on John Leon's first mover experience, He starts out basic ...

Cover -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Introduction to Security with Go -- About Go -- Go language design -- The History of Go -- Adoption and community -- Common criticisms about Go -- The Go toolchain -- Go mascot -- Learning Go -- Why use Go? -- Why use Go for security? -- Why not use Python? -- Why not use Java? -- Why not use C++? -- Development environment -- Installing Go on other platforms -- Other Linux distributions -- Windows -- Mac -- Setting up Go -- Creating your workspace -- Setting up environment variables -- Editors -- Creating your first package -- Writing your first program -- Running the executable file -- Building the executable file -- Installing the executable file -- Formatting with go fmt -- Running Go examples -- Building a single Go file -- Running a single Go file -- Building multiple Go files -- Building a folder (package) -- Installing a program for use -- Summary -- Chapter 2: The Go Programming Language -- Go language specification -- The Go playground -- A tour of Go -- Keywords -- Notes about source code -- Comments -- Types -- Boolean -- Numeric -- Generic numbers -- Specific numbers -- Unsigned integers -- Signed integers -- Floating point numbers -- Other numeric types -- String -- Array -- Slice -- Struct -- Pointer -- Function -- Interface -- Map -- Channel -- Control structures -- if -- for -- range -- switch, case, fallthrough, and default -- goto -- Defer -- Packages -- Classes -- Inheritance -- Polymorphism -- Constructors -- Methods -- Operator overloading -- Goroutines -- Getting help and documentation -- Online Go documentation -- Offline Go documentation -- Summary -- Chapter 3: Working with Files -- File basics -- Creating an empty file -- Truncating a file -- Getting the file info -- Renaming a file -- Deleting a file.

Opening and closing files -- Checking whether a file exists -- Checking read and write permissions -- Changing permissions, ownership, and timestamps -- Hard links and symlinks -- Reading and writing -- Copying a file -- Seeking positions in a file -- Writing bytes to a file -- Quickly writing to a file -- Buffered writer -- Reading up to n bytes from a file -- Reading exactly n bytes -- Reading at least n bytes -- Reading all bytes of a file -- Quickly reading whole files to memory -- Buffered reader -- Reading with a scanner -- Archives -- Archive (ZIP) files -- Extracting (unzip) archived files -- Compression -- Compressing a file -- Uncompressing a File -- Creating temporary files and directories -- Downloading a file over HTTP -- Summary -- Chapter 4: Forensics -- Files -- Getting file information -- Finding the largest files -- Finding recently modified files -- Reading the boot sector -- Steganography -- Generating an image with random noise -- Creating a ZIP archive -- Creating a steganographic image archive -- Detecting a ZIP archive in a JPEG image -- Network -- Looking up a hostname from an IP address -- Looking up IP addresses from a hostname -- Looking up MX records -- Looking up nameservers for a hostname -- Summary -- Chapter 5: Packet Capturing and Injection -- Prerequisites -- Installing libpcap and Git -- Installing libpcap on Ubuntu -- Installing libpcap on Windows -- Installing libpcap on macOS -- Installing gopacket -- Permission problems -- Getting a list of network devices -- Capturing packets -- Capturing with filters -- Saving to the pcap file -- Reading from a pcap file -- Decoding packet layers -- Creating a custom layer -- Converting bytes to and from packets -- Creating and sending packets -- Decoding packets faster -- Summary -- Chapter 6: Cryptography -- Hashing -- Hashing small files -- Hashing large files.

Storing passwords securely -- Encryption -- Cryptographically secure pseudo-random number generator (CSPRNG) -- Symmetric encryption -- AES -- Asymmetric encryption -- Generating a public and private key pair -- Digitally signing a message -- Verifying a signature -- TLS -- Generating a self-signed certificate -- Creating a certificate signing request -- Signing a certificate request -- TLS server -- TLS client -- Other encryption packages -- OpenPGP -- Off The Record (OTR) messaging -- Summary -- Chapter 7: Secure Shell (SSH) -- Using the Go SSH client -- Authentication methods -- Authenticating with a password -- Authenticating with private key -- Verifying remote host -- Executing a command over SSH -- Starting an interactive shell -- Summary -- Chapter 8: Brute Force -- Brute forcing HTTP basic authentication -- Brute forcing the HTML login form -- Brute forcing SSH -- Brute forcing database login -- Summary -- Chapter 9: Web Applications -- HTTP server -- Simple HTTP servers -- HTTP basic auth -- Using HTTPS -- Creating secure cookies -- HTML escaping output -- Middleware with Negroni -- Logging requests -- Adding secure HTTP headers -- Serving static files -- Other best practices -- CSRF tokens -- Preventing user enumeration and abuse -- Registration -- Login -- Resetting the password -- User profiles -- Preventing LFI and RFI abuse -- Contaminated files -- HTTP client -- The basic HTTP request -- Using the client SSL certificate -- Using a proxy -- Using system proxy -- Using a specific HTTP proxy -- Using a SOCKS5 proxy (Tor) -- Summary -- Chapter 10: Web Scraping -- Web scraping fundamentals -- Finding strings in HTTP responses with the strings package -- Using regular expressions to find email addresses in a page -- Extracting HTTP headers from an HTTP response -- Setting cookies with an HTTP client -- Finding HTML comments in a web page.

Finding unlisted files on a web server -- Changing the user agent of a request -- Fingerprinting web application technology stacks -- Fingerprinting based on HTTP response headers -- Fingerprinting web applications -- How to prevent fingerprinting of your applications -- Using the goquery package for web scraping -- Listing all hyperlinks in a page -- Finding documents in a web page -- Listing page title and headings -- Crawling pages on the site that store the most common words -- Printing a list of external JavaScript files in a page -- Depth-first crawling -- Breadth-first crawling -- How to protect against web scraping -- Summary -- Chapter 11: Host Discovery and Enumeration -- TCP and UDP sockets -- Creating a server -- Creating a client -- Port scanning -- Grabbing a banner from a service -- Creating a TCP proxy -- Finding named hosts on a network -- Fuzzing a network service -- Summary -- Chapter 12: Social Engineering -- Gathering intel via JSON REST API -- Sending phishing emails with SMTP -- Generating QR codes -- Base64 encoding data -- Honeypots -- TCP honeypot -- The TCP testing tool -- HTTP POST form login honeypot -- HTTP form field honeypots -- Sandboxing -- Summary -- Chapter 13: Post Exploitation -- Cross compiling -- Creating bind shells -- Creating reverse bind shells -- Creating web shells -- Finding writable files -- Changing file timestamp -- Changing file permissions -- Changing file ownership -- Summary -- Chapter 14: Conclusions -- Recapping the topics you have learned -- More thoughts on the usage of Go -- What I hope you take away from the book -- Be aware of legal, ethical, and technical boundaries -- Where to go from here -- Getting help and learning more -- Another Book You May Enjoy -- Leave a review -- let other readers know what you think -- Index.

Includes bibliographical references.

Added to collection customer.56279.3

Powered by Koha